SQ-PUF: A Resistant PUF-Based Authentication Protocol against Machine-Learning Attacks (opens in a new tab)
Iranian Journal of Electrical and Computer Engineering — the thesis's defensive architecture
University of Tehran · Digital Electronic Systems · 2018 – 2021
Securing communication in the Internet of Things is not just an encryption problem — it is an authentication problem. If a device cannot prove who it is, an attacker can simply replay or relay legitimate messages, and encryption alone does not help. Physical Unclonable Functions (PUFs) offer a lightweight answer: they derive a device-unique challenge–response behaviour from uncontrollable manufacturing variation, giving every chip a fingerprint that is cheap to evaluate and hard to clone.
PUFs, however, have a well-known weakness: their challenge–response behaviour can often be learned. This thesis attacks the problem from both sides. On the offensive side, I developed two machine-learning strategies that model the behaviour of RPUF and OBPUF architectures with significantly improved attack efficiency compared to prior approaches.
On the defensive side, the lessons from those attacks led to SQ-PUF, a secure, scalable PUF-based authentication architecture designed to resist machine-learning attacks. I evaluated SQ-PUF for ML-attack resilience as well as the standard PUF quality metrics — uniformity and uniqueness — and its hardware overhead. The same research line later produced DC-PUF, an ML-resistant PUF-based authentication protocol for resource-constrained IoT, published in the Journal of Network & Computer Applications.
Iranian Journal of Electrical and Computer Engineering — the thesis's defensive architecture
J. Network & Computer Applications, vol. 217, 2023 — from the same research line · DOI 10.1016/j.jnca.2023.103693
// full list on the publications section of the main page